Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Five big security threats for 2011

Ian Paul | March 10, 2011
Online malicious activity was a major headache in 2010, and so far, 2011 is no different: We've seen scams and malware on Twitter, Facebook, and the Android Market, as well as a rise in politically motivated online attacks. But that's no surprise to security experts such as Graham Cluley, senior technology consultant for security firm Sophos. Cluley says that Sophos analyzes about 95,000 pieces of malware every day that is either brand-new or a variant of an older attack.

The threat of malware, coupled with other security threats (such as data leakage from a lost phone) may soon impact your ability to use personal devices at work, according to Andrew Jaquith, chief technology officer of Perimeter E-Security. Companies may begin to set some serious ground rules for putting company data on personal mobile devices by enforcing "policies for passwords, device locking, remote wipe, and hardware encryption," Jaquith says.

Protect yourself: You can't trust that all apps on the Android Market are malware free. Make sure you read app reviews in the Market and on reputable app review sites such as PC World's AppGuide. And avoid installing any applications you get from unknown sources. That .apk file may be titled "Fruit Ninja" but in reality is a Trojan horse waiting to be unleashed. Don't forget that a number of mobile antivirus apps are available for Android, and it may be wise to have at least one installed on your phone.

Also, read an app's permissions screen carefully--it details what kinds of data an Android application can access (Google makes it mandatory for developers to have a complete list of permissions for every feature that an app has access to on your phone). You can find this list on every app's page in the Android Market (it appears right after you tap the button to download an app). See if you can uncheck undesirable permissions. If you're downloading a wallpaper application, for example, chances are it doesn't need to know your exact location.

iOS users aren't off the hook, either: Some bad actors have slipped by Apple's censors in the past despite the company's third-party app-vetting process. Over the summer, for example, a flashlight app that had hidden functionality got approved to the App Store. The actual risk may be low, but it isn't impossible for a seemingly legit app to have some hidden, malicious capabilities.

Threat 2: Social Network-Based Scams

Social networks such as Facebook and Twitter may be a great place to connect with friends, but they are also a breeding ground for malicious activity. Cluley says some of the most rapid growth in online attacks comes from social networks. In November, antivirus maker BitDefender made a similar statement, saying 20 percent of all Facebook users are active targets of malware.

Social network scams often take the form of phishing attacks that try to lure you in with photos or videos, and harvest your personal information or Facebook login--or worse, infect your PC with malware--along the way. Often, these links will come from Facebook friends who fall victim to these scams. You could also run across rogue Facebook applications that try to access your Facebook data and that of your friends.

 

Previous Page  1  2  3  4  5  Next Page 

Sign up for CIO Asia eNewsletters.